Plain Convo about Threat Intelligence

After two-and-a-half years, I’ve decided to publicly take up the pen again on professional topics. Mostly its for me to record my thoughts — but of course that means you are free to think along!

What is Intelligence?

Intelligence is super simple — so simple, in fact it can be easily misunderstood. It is the ability to intentionally acquire knowledge. For example, cyber threat intelligence would be the ability to acquire knowledge (AKA learn) about cyber threats.

What is the mysterious intelligence cycle?

It’s a model for how people tasked with acquiring knowledge go about their jobs. It’s not all that different from models like the software development lifecycle: You start out with requirements, figure out a way to meet the requirements, give it a try, show the customer, ask them what they think, and do it again.

How do I choose a cyber threat intelligence provider?

Well, let’s not worry about choosing providers until we know exactly what knowledge you want to have. Try answering this as a starting point: What question if you knew the answer to it, would most significantly improve your security operations?

Once you can identify that question, you are starting to operate your own intelligence cycle. It’s exciting! You are doing intelligence!